<?php

namespace Admin\Controller;

use Think\Controller;
use Org\Util\Rbac;

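class LoginController extends Controller{

	/**
	 * Administrator login.
	 *
	 * On GET the login form is rendered. On POST the captcha is checked
	 * first, then the submitted credentials are verified against the Admin
	 * table and, on success, the session is populated with the user row,
	 * the auth key and the RBAC access list.
	 *
	 * Each error() call is followed by an explicit return so the flow stays
	 * safe even if error() does not terminate the request (it is expected
	 * to, as the original code relied on that — confirm for this framework
	 * version).
	 *
	 * NOTE(review): no attempt throttling or failed-login logging is visible
	 * in this controller; the captcha is the only brake on guessing.
	 */
	public function index(){
		if (IS_POST) {
			if (! check_verify(I('post.verifycode'))) {
				$this->error('验证码错误');
				return;
			}
			if (empty($_POST['username'])) {
				$this->error('用户名不能为空！');
				return;
			}
			if (empty($_POST['password'])) {
				$this->error('密码不能为空!');
				return;
			}
			$username = I('post.username');
			$password = I('post.password');
			$user = M('Admin')->where(array('adm_name' => $username))->find();

			// Unknown user and wrong password get the same answer, so the
			// response does not reveal which admin names exist. The original
			// showed no message at all on a wrong password.
			if (empty($user) || ! $this->passwordMatches($user['adm_password'], password_encrypt($password, $user['salt']))) {
				$this->error('用户名或密码错误');
				return;
			}

			// Issue a fresh session id at the privilege change so an id that
			// was known before login cannot be reused afterwards.
			if ('' !== session_id()) {
				session_regenerate_id(true);
			}

			// NOTE(review): the full admin row, including adm_password and
			// salt, is stored in the session. Consider storing only the
			// fields later code needs — confirm what reads USER_AUTH first.
			session(C('USER_AUTH'), $user);

			// Authorisation state
			$this->mid = $user['id'];
			session(C('USER_AUTH_KEY'), $this->mid);
			// Strict string comparison: loose == treats numeric-looking
			// strings such as '1e3' and '1000' as equal.
			if ((string) $user['adm_name'] === (string) C('RBAC_SUPERADMIN')) {
				session(C('ADMIN_AUTH_KEY'), true);
			}
			Rbac::saveAccessList($this->mid);

			$this->success('登录成功');
			return;
		}

		$this->display();
	}

	/**
	 * Login captcha.
	 *
	 * Emits a 4-character captcha image with font size 100 under id 1.
	 */
	public function verify(){
		$config = array('length' => 4,'fontSize' => 100);
		$verify = new \Think\Verify($config);
		$verify->entry(1);
	}

	/**
	 * Compare a stored password hash with a freshly computed one.
	 *
	 * Uses hash_equals() when the runtime provides it, so the comparison
	 * time does not depend on where the strings differ; otherwise falls back
	 * to a strict string comparison. Both avoid the type juggling of ==,
	 * under which two different numeric-looking strings can compare equal.
	 *
	 * @param mixed $expected Stored hash from the Admin row.
	 * @param mixed $actual   Hash computed from the submitted password.
	 * @return bool True when both values are the same string.
	 */
	private function passwordMatches($expected, $actual){
		$expected = (string) $expected;
		$actual = (string) $actual;
		if (function_exists('hash_equals')) {
			return hash_equals($expected, $actual);
		}
		return $expected === $actual;
	}
}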